@coana-tech/cli 14.0.21 → 14.1.1
- package/cli.js +223 -169
- package/package.json +1 -1
package/cli.js
CHANGED
|
@@ -67427,15 +67427,15 @@ function updateCatalog(update2, map2) {
|
|
|
67427
67427
|
}
|
|
67428
67428
|
}
|
|
67429
67429
|
}
|
|
67430
|
-
var
|
|
67430
|
+
var import_promises3, import_path2, import_yaml, import_lockfile_file, PnpmFixingManager;
|
|
67431
67431
|
var init_pnpm_fixing_manager = __esm({
|
|
67432
67432
|
"../fixing-management/src/fixing-management/npm/pnpm-fixing-manager.ts"() {
|
|
67433
67433
|
"use strict";
|
|
67434
|
+
import_promises3 = require("fs/promises");
|
|
67434
67435
|
import_path2 = require("path");
|
|
67435
|
-
init_npm_utils();
|
|
67436
67436
|
init_command_utils();
|
|
67437
|
+
init_npm_utils();
|
|
67437
67438
|
init_logger_singleton();
|
|
67438
|
-
import_promises3 = require("fs/promises");
|
|
67439
67439
|
import_yaml = __toESM(require_dist());
|
|
67440
67440
|
import_lockfile_file = __toESM(require_lib16());
|
|
67441
67441
|
init_npm_ecosystem_fixing_manager();
|
|
@@ -84521,21 +84521,21 @@ var require_yarnlock_parse_raw = __commonJS({
|
|
|
84521
84521
|
});
|
|
84522
84522
|
|
|
84523
84523
|
// ../fixing-management/src/fixing-management/npm/yarn-fixing-manager.ts
|
|
84524
|
-
var import_promises4, import_path4, import_yarnlock_parse_raw,
|
|
84524
|
+
var import_fs3, import_promises4, import_path4, import_yarnlock_parse_raw, YarnFixingManager;
|
|
84525
84525
|
var init_yarn_fixing_manager = __esm({
|
|
84526
84526
|
"../fixing-management/src/fixing-management/npm/yarn-fixing-manager.ts"() {
|
|
84527
84527
|
"use strict";
|
|
84528
|
+
import_fs3 = require("fs");
|
|
84528
84529
|
import_promises4 = require("fs/promises");
|
|
84529
84530
|
import_path4 = require("path");
|
|
84530
84531
|
init_command_utils();
|
|
84532
|
+
init_npm_utils();
|
|
84531
84533
|
init_package_utils();
|
|
84534
|
+
init_async();
|
|
84532
84535
|
init_logger_singleton();
|
|
84533
84536
|
init_package_utils2();
|
|
84534
84537
|
import_yarnlock_parse_raw = __toESM(require_yarnlock_parse_raw());
|
|
84535
|
-
init_npm_utils();
|
|
84536
84538
|
init_npm_ecosystem_fixing_manager();
|
|
84537
|
-
init_async();
|
|
84538
|
-
import_fs3 = require("fs");
|
|
84539
84539
|
YarnFixingManager = class extends NpmEcosystemFixingManager {
|
|
84540
84540
|
yarnType = this.getYarnType();
|
|
84541
84541
|
getYarnType() {
|
|
@@ -88831,8 +88831,8 @@ var init_go_fixing_manager = __esm({
|
|
|
88831
88831
|
"../fixing-management/src/fixing-management/go/go-fixing-manager.ts"() {
|
|
88832
88832
|
"use strict";
|
|
88833
88833
|
import_path9 = require("path");
|
|
88834
|
-
init_command_utils();
|
|
88835
88834
|
import_semver2 = __toESM(require_semver2());
|
|
88835
|
+
init_command_utils();
|
|
88836
88836
|
init_async();
|
|
88837
88837
|
GoFixingManager = class {
|
|
88838
88838
|
constructor(rootDir, subprojectPath) {
|
|
@@ -95526,6 +95526,38 @@ var init_docker_manager = __esm({
|
|
|
95526
95526
|
}
|
|
95527
95527
|
});
|
|
95528
95528
|
|
|
95529
|
+
// ../utils/src/file-utils.ts
|
|
95530
|
+
function findParent(dir, predicate, wholePath) {
|
|
95531
|
+
let curr = dir;
|
|
95532
|
+
let last2 = dir;
|
|
95533
|
+
do {
|
|
95534
|
+
const name = wholePath ? curr : (0, import_path16.basename)(curr);
|
|
95535
|
+
if (predicate(name)) return curr;
|
|
95536
|
+
last2 = curr;
|
|
95537
|
+
curr = (0, import_path16.resolve)(curr, "..");
|
|
95538
|
+
} while (curr !== last2);
|
|
95539
|
+
return void 0;
|
|
95540
|
+
}
|
|
95541
|
+
async function exists(path2, mode) {
|
|
95542
|
+
try {
|
|
95543
|
+
await (0, import_promises10.access)(path2, mode);
|
|
95544
|
+
return true;
|
|
95545
|
+
} catch {
|
|
95546
|
+
return false;
|
|
95547
|
+
}
|
|
95548
|
+
}
|
|
95549
|
+
var import_promises10, import_lodash4, import_micromatch, import_path16;
|
|
95550
|
+
var init_file_utils = __esm({
|
|
95551
|
+
"../utils/src/file-utils.ts"() {
|
|
95552
|
+
"use strict";
|
|
95553
|
+
import_promises10 = require("fs/promises");
|
|
95554
|
+
import_lodash4 = __toESM(require_lodash());
|
|
95555
|
+
import_micromatch = __toESM(require_micromatch());
|
|
95556
|
+
import_path16 = require("path");
|
|
95557
|
+
init_async();
|
|
95558
|
+
}
|
|
95559
|
+
});
|
|
95560
|
+
|
|
95529
95561
|
// ../utils/src/tmp-file.ts
|
|
95530
95562
|
var tmp_file_exports = {};
|
|
95531
95563
|
__export(tmp_file_exports, {
|
|
@@ -95534,7 +95566,7 @@ __export(tmp_file_exports, {
|
|
|
95534
95566
|
});
|
|
95535
95567
|
async function createTmpDirectory(prefix) {
|
|
95536
95568
|
try {
|
|
95537
|
-
const tmpDir = await (0,
|
|
95569
|
+
const tmpDir = await (0, import_promises11.mkdtemp)((0, import_path17.join)((0, import_os2.tmpdir)(), prefix));
|
|
95538
95570
|
return tmpDir;
|
|
95539
95571
|
} catch (err) {
|
|
95540
95572
|
console.log("Error creating tmp directory", err);
|
|
@@ -95546,16 +95578,16 @@ async function withTmpDirectory(prefix, fn2) {
|
|
|
95546
95578
|
try {
|
|
95547
95579
|
return await fn2(tmpDir);
|
|
95548
95580
|
} finally {
|
|
95549
|
-
await (0,
|
|
95581
|
+
await (0, import_promises11.rm)(tmpDir, { recursive: true, force: true });
|
|
95550
95582
|
}
|
|
95551
95583
|
}
|
|
95552
|
-
var
|
|
95584
|
+
var import_promises11, import_os2, import_path17;
|
|
95553
95585
|
var init_tmp_file = __esm({
|
|
95554
95586
|
"../utils/src/tmp-file.ts"() {
|
|
95555
95587
|
"use strict";
|
|
95556
|
-
|
|
95588
|
+
import_promises11 = require("fs/promises");
|
|
95557
95589
|
import_os2 = require("os");
|
|
95558
|
-
|
|
95590
|
+
import_path17 = require("path");
|
|
95559
95591
|
}
|
|
95560
95592
|
});
|
|
95561
95593
|
|
|
@@ -95636,86 +95668,6 @@ var init_esm_node = __esm({
|
|
|
95636
95668
|
}
|
|
95637
95669
|
});
|
|
95638
95670
|
|
|
95639
|
-
// ../utils/src/file-utils.ts
|
|
95640
|
-
function findParent(dir, predicate, wholePath) {
|
|
95641
|
-
let curr = dir;
|
|
95642
|
-
let last2 = dir;
|
|
95643
|
-
do {
|
|
95644
|
-
const name = wholePath ? curr : (0, import_path17.basename)(curr);
|
|
95645
|
-
if (predicate(name)) return curr;
|
|
95646
|
-
last2 = curr;
|
|
95647
|
-
curr = (0, import_path17.resolve)(curr, "..");
|
|
95648
|
-
} while (curr !== last2);
|
|
95649
|
-
return void 0;
|
|
95650
|
-
}
|
|
95651
|
-
async function exists(path2, mode) {
|
|
95652
|
-
try {
|
|
95653
|
-
await (0, import_promises11.access)(path2, mode);
|
|
95654
|
-
return true;
|
|
95655
|
-
} catch {
|
|
95656
|
-
return false;
|
|
95657
|
-
}
|
|
95658
|
-
}
|
|
95659
|
-
var import_promises11, import_lodash4, import_micromatch, import_path17;
|
|
95660
|
-
var init_file_utils = __esm({
|
|
95661
|
-
"../utils/src/file-utils.ts"() {
|
|
95662
|
-
"use strict";
|
|
95663
|
-
import_promises11 = require("fs/promises");
|
|
95664
|
-
import_lodash4 = __toESM(require_lodash());
|
|
95665
|
-
import_micromatch = __toESM(require_micromatch());
|
|
95666
|
-
import_path17 = require("path");
|
|
95667
|
-
init_async();
|
|
95668
|
-
}
|
|
95669
|
-
});
|
|
95670
|
-
|
|
95671
|
-
// ../utils/src/constants.ts
|
|
95672
|
-
var import_path18, import_lodash5, COANA_ROOT2, COANA_REPOS_PATH, REQUIREMENTS_FILES_SEARCH_DEPTH;
|
|
95673
|
-
var init_constants2 = __esm({
|
|
95674
|
-
"../utils/src/constants.ts"() {
|
|
95675
|
-
"use strict";
|
|
95676
|
-
import_path18 = require("path");
|
|
95677
|
-
init_file_utils();
|
|
95678
|
-
import_lodash5 = __toESM(require_lodash());
|
|
95679
|
-
COANA_ROOT2 = (0, import_lodash5.once)(() => {
|
|
95680
|
-
const coanaRoot = process.env.COANA_ROOT ?? findParent(__dirname, (d2) => ["coana-package-manager", "coana"].includes(d2));
|
|
95681
|
-
if (!coanaRoot) {
|
|
95682
|
-
throw new Error("COANA_ROOT not set and could not be found");
|
|
95683
|
-
}
|
|
95684
|
-
return coanaRoot;
|
|
95685
|
-
});
|
|
95686
|
-
COANA_REPOS_PATH = (0, import_lodash5.once)(() => {
|
|
95687
|
-
return process.env.COANA_REPOS_PATH ?? (0, import_path18.resolve)(COANA_ROOT2(), "coana-repos");
|
|
95688
|
-
});
|
|
95689
|
-
REQUIREMENTS_FILES_SEARCH_DEPTH = 2;
|
|
95690
|
-
}
|
|
95691
|
-
});
|
|
95692
|
-
|
|
95693
|
-
// ../other-modules-communicator/src/constants.ts
|
|
95694
|
-
var import_lodash6, import_path19, PACKAGE_MANAGER_SCRIPT_PATH, REACHABILITY_ANALYZERS_SCRIPT_PATH, DOCKER_ENV_WHITE_LIST;
|
|
95695
|
-
var init_constants3 = __esm({
|
|
95696
|
-
"../other-modules-communicator/src/constants.ts"() {
|
|
95697
|
-
"use strict";
|
|
95698
|
-
import_lodash6 = __toESM(require_lodash());
|
|
95699
|
-
import_path19 = require("path");
|
|
95700
|
-
init_constants2();
|
|
95701
|
-
PACKAGE_MANAGER_SCRIPT_PATH = (0, import_lodash6.once)(() => {
|
|
95702
|
-
return process.env.PACKAGE_MANAGER_SCRIPT_PATH ?? (0, import_path19.resolve)(COANA_ROOT2(), "packages", "package-management", "dist", "package-management-cli.js");
|
|
95703
|
-
});
|
|
95704
|
-
REACHABILITY_ANALYZERS_SCRIPT_PATH = (0, import_lodash6.once)(() => {
|
|
95705
|
-
return process.env.REACHABILITY_ANALYZERS_SCRIPT_PATH ?? (0, import_path19.resolve)(COANA_ROOT2(), "packages", "reachability-analyzers", "dist", "reachability-analyzers-cli.js");
|
|
95706
|
-
});
|
|
95707
|
-
DOCKER_ENV_WHITE_LIST = [
|
|
95708
|
-
"GITHUB_",
|
|
95709
|
-
"GH_",
|
|
95710
|
-
"SSH_",
|
|
95711
|
-
"_PASSWORD",
|
|
95712
|
-
"_USER",
|
|
95713
|
-
"COANA_REPORT_ID",
|
|
95714
|
-
"COANA_API_KEY"
|
|
95715
|
-
];
|
|
95716
|
-
}
|
|
95717
|
-
});
|
|
95718
|
-
|
|
95719
95671
|
// ../../node_modules/.pnpm/remeda@2.17.4/node_modules/remeda/dist/chunk-SUASHYJW.cjs
|
|
95720
95672
|
var require_chunk_SUASHYJW = __commonJS({
|
|
95721
95673
|
"../../node_modules/.pnpm/remeda@2.17.4/node_modules/remeda/dist/chunk-SUASHYJW.cjs"(exports2) {
|
|
@@ -99289,6 +99241,54 @@ var require_ecosystem_support = __commonJS({
|
|
|
99289
99241
|
}
|
|
99290
99242
|
});
|
|
99291
99243
|
|
|
99244
|
+
// ../utils/src/constants.ts
|
|
99245
|
+
var import_path18, import_lodash5, COANA_ROOT2, COANA_REPOS_PATH, REQUIREMENTS_FILES_SEARCH_DEPTH;
|
|
99246
|
+
var init_constants2 = __esm({
|
|
99247
|
+
"../utils/src/constants.ts"() {
|
|
99248
|
+
"use strict";
|
|
99249
|
+
import_path18 = require("path");
|
|
99250
|
+
init_file_utils();
|
|
99251
|
+
import_lodash5 = __toESM(require_lodash());
|
|
99252
|
+
COANA_ROOT2 = (0, import_lodash5.once)(() => {
|
|
99253
|
+
const coanaRoot = process.env.COANA_ROOT ?? findParent(__dirname, (d2) => ["coana-package-manager", "coana"].includes(d2));
|
|
99254
|
+
if (!coanaRoot) {
|
|
99255
|
+
throw new Error("COANA_ROOT not set and could not be found");
|
|
99256
|
+
}
|
|
99257
|
+
return coanaRoot;
|
|
99258
|
+
});
|
|
99259
|
+
COANA_REPOS_PATH = (0, import_lodash5.once)(() => {
|
|
99260
|
+
return process.env.COANA_REPOS_PATH ?? (0, import_path18.resolve)(COANA_ROOT2(), "coana-repos");
|
|
99261
|
+
});
|
|
99262
|
+
REQUIREMENTS_FILES_SEARCH_DEPTH = 2;
|
|
99263
|
+
}
|
|
99264
|
+
});
|
|
99265
|
+
|
|
99266
|
+
// ../other-modules-communicator/src/constants.ts
|
|
99267
|
+
var import_lodash6, import_path19, PACKAGE_MANAGER_SCRIPT_PATH, REACHABILITY_ANALYZERS_SCRIPT_PATH, DOCKER_ENV_WHITE_LIST;
|
|
99268
|
+
var init_constants3 = __esm({
|
|
99269
|
+
"../other-modules-communicator/src/constants.ts"() {
|
|
99270
|
+
"use strict";
|
|
99271
|
+
import_lodash6 = __toESM(require_lodash());
|
|
99272
|
+
import_path19 = require("path");
|
|
99273
|
+
init_constants2();
|
|
99274
|
+
PACKAGE_MANAGER_SCRIPT_PATH = (0, import_lodash6.once)(() => {
|
|
99275
|
+
return process.env.PACKAGE_MANAGER_SCRIPT_PATH ?? (0, import_path19.resolve)(COANA_ROOT2(), "packages", "package-management", "dist", "package-management-cli.js");
|
|
99276
|
+
});
|
|
99277
|
+
REACHABILITY_ANALYZERS_SCRIPT_PATH = (0, import_lodash6.once)(() => {
|
|
99278
|
+
return process.env.REACHABILITY_ANALYZERS_SCRIPT_PATH ?? (0, import_path19.resolve)(COANA_ROOT2(), "packages", "reachability-analyzers", "dist", "reachability-analyzers-cli.js");
|
|
99279
|
+
});
|
|
99280
|
+
DOCKER_ENV_WHITE_LIST = [
|
|
99281
|
+
"GITHUB_",
|
|
99282
|
+
"GH_",
|
|
99283
|
+
"SSH_",
|
|
99284
|
+
"_PASSWORD",
|
|
99285
|
+
"_USER",
|
|
99286
|
+
"COANA_REPORT_ID",
|
|
99287
|
+
"COANA_API_KEY"
|
|
99288
|
+
];
|
|
99289
|
+
}
|
|
99290
|
+
});
|
|
99291
|
+
|
|
99292
99292
|
// ../other-modules-communicator/src/other-modules-communicator.ts
|
|
99293
99293
|
var other_modules_communicator_exports = {};
|
|
99294
99294
|
__export(other_modules_communicator_exports, {
|
|
@@ -99304,30 +99304,31 @@ async function getEcosystemSpecificDockerArgs(ecosystem) {
|
|
|
99304
99304
|
}
|
|
99305
99305
|
return [];
|
|
99306
99306
|
}
|
|
99307
|
-
var import_promises12, import_lodash7, import_os3, import_path20,
|
|
99307
|
+
var import_child_process2, import_fs10, import_promises12, import_lodash7, import_os3, import_path20, import_ecosystem_support2, import_logger_singleton7, pullDockerImage, OtherModulesCommunicator, setUpGoModuleCache;
|
|
99308
99308
|
var init_other_modules_communicator = __esm({
|
|
99309
99309
|
"../other-modules-communicator/src/other-modules-communicator.ts"() {
|
|
99310
99310
|
"use strict";
|
|
99311
|
+
import_child_process2 = require("child_process");
|
|
99311
99312
|
init_docker_manager();
|
|
99313
|
+
import_fs10 = require("fs");
|
|
99312
99314
|
import_promises12 = require("fs/promises");
|
|
99313
99315
|
import_lodash7 = __toESM(require_lodash());
|
|
99314
99316
|
import_os3 = require("os");
|
|
99315
99317
|
import_path20 = require("path");
|
|
99316
99318
|
init_command_utils();
|
|
99319
|
+
init_file_utils();
|
|
99320
|
+
init_spinner();
|
|
99317
99321
|
init_tmp_file();
|
|
99318
99322
|
init_esm_node();
|
|
99323
|
+
import_ecosystem_support2 = __toESM(require_ecosystem_support());
|
|
99319
99324
|
import_logger_singleton7 = __toESM(require_logger_singleton());
|
|
99320
99325
|
init_constants3();
|
|
99321
|
-
init_spinner();
|
|
99322
|
-
init_file_utils();
|
|
99323
|
-
import_fs10 = require("fs");
|
|
99324
|
-
import_child_process2 = require("child_process");
|
|
99325
|
-
import_ecosystem_support2 = __toESM(require_ecosystem_support());
|
|
99326
99326
|
pullDockerImage = (0, import_lodash7.memoize)(async (image) => execPipeAndLogOnFailure(["docker", "pull", image]));
|
|
99327
99327
|
OtherModulesCommunicator = class {
|
|
99328
|
-
constructor(rootWorkingDir, options) {
|
|
99328
|
+
constructor(rootWorkingDir, options, apiKey) {
|
|
99329
99329
|
this.rootWorkingDir = rootWorkingDir;
|
|
99330
99330
|
this.options = options;
|
|
99331
|
+
this.apiKey = apiKey;
|
|
99331
99332
|
}
|
|
99332
99333
|
// Memoize temporary directory per subprojectPath
|
|
99333
99334
|
getTmpDirForSubproject = (0, import_lodash7.memoize)(
|
|
@@ -99415,7 +99416,11 @@ var init_other_modules_communicator = __esm({
|
|
|
99415
99416
|
subprojectPath,
|
|
99416
99417
|
[...args2, "-o", outputFilePath],
|
|
99417
99418
|
extraDockerArgs,
|
|
99418
|
-
{
|
|
99419
|
+
{
|
|
99420
|
+
...env ?? process.env,
|
|
99421
|
+
COANA_REPORT_ID: this.options.reportId,
|
|
99422
|
+
COANA_API_KEY: this.apiKey.type === "present" ? this.apiKey.value : ""
|
|
99423
|
+
}
|
|
99419
99424
|
);
|
|
99420
99425
|
return JSON.parse(await (0, import_promises12.readFile)(outputFilePath, "utf-8")).result;
|
|
99421
99426
|
}
|
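Review bot: `this.apiKey.type` in the object added at new lines 99419–99423 throws a TypeError if the communicator was constructed without the third argument, because the constructor changed at new line 99328 takes `apiKey` with no default; `constructor(rootWorkingDir, options, apiKey = { type: "missing" })` would keep any call site not updated in this diff working. The object also places the key next to everything in `env ?? process.env`, and it looks like the environment for the command this call runs, so the callee (outside this hunk) should be checked for logging or echoing what it receives. If the empty string is there to blank out a `COANA_API_KEY` inherited from `process.env`, a comment such as `// "" overrides any inherited COANA_API_KEY when no key was supplied` would record that. The hunk at new lines 99558–99562 repeats the same object, and the enclosing methods start and end outside both hunks.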
|
@@ -99550,7 +99555,11 @@ var init_other_modules_communicator = __esm({
|
|
|
99550
99555
|
subprojectPath,
|
|
99551
99556
|
workspacePath,
|
|
99552
99557
|
argt`-i ${inputFile}`,
|
|
99553
|
-
{
|
|
99558
|
+
{
|
|
99559
|
+
...process.env,
|
|
99560
|
+
COANA_REPORT_ID: this.options.reportId,
|
|
99561
|
+
COANA_API_KEY: this.apiKey.type === "present" ? this.apiKey.value : ""
|
|
99562
|
+
}
|
|
99554
99563
|
);
|
|
99555
99564
|
}
|
|
99556
99565
|
};
|
|
@@ -127077,8 +127086,9 @@ __export(dashboard_integration_exports, {
|
|
|
127077
127086
|
submitSubprojects: () => submitSubprojects
|
|
127078
127087
|
});
|
|
127079
127088
|
async function createReport(repoUrl, projectName, cliVersion, commitSha, branchName, cliOptions, apiKey, cliRunEnv) {
|
|
127089
|
+
if (apiKey.type === "missing") throw new Error("Don't call createReport with a missing apiKey");
|
|
127080
127090
|
try {
|
|
127081
|
-
return (await sendPostRequest(coanaAPIUrls.CREATE_REPORT, apiKey, { repoUrl, projectName }, {
|
|
127091
|
+
return (await sendPostRequest(coanaAPIUrls.CREATE_REPORT, apiKey.value, { repoUrl, projectName }, {
|
|
127082
127092
|
reportType: "v6",
|
|
127083
127093
|
cliVersion,
|
|
127084
127094
|
commitSha,
|
|
@@ -127092,20 +127102,25 @@ async function createReport(repoUrl, projectName, cliVersion, commitSha, branchN
|
|
|
127092
127102
|
}
|
|
127093
127103
|
}
|
|
127094
127104
|
async function submitSubprojects(subprojects, reportId, apiKey) {
|
|
127095
|
-
if (!reportId) return;
|
|
127105
|
+
if (!reportId || apiKey.type === "missing") return;
|
|
127096
127106
|
try {
|
|
127097
|
-
await sendPostRequest(
|
|
127107
|
+
await sendPostRequest(
|
|
127108
|
+
`${coanaAPIUrls.REPORT_SUBPROJECTS.replace(":reportId", reportId)}`,
|
|
127109
|
+
apiKey.value,
|
|
127110
|
+
{},
|
|
127111
|
+
subprojects
|
|
127112
|
+
);
|
|
127098
127113
|
} catch (e) {
|
|
127099
127114
|
sendWarningToDashboard("Unable to submit subprojects", { reportId }, subprojects, reportId, apiKey);
|
|
127100
127115
|
logger.warn("Unable to submit subprojects:", e.message);
|
|
127101
127116
|
}
|
|
127102
127117
|
}
|
|
127103
127118
|
async function createAnalysisMetadata(subprojectPath, workspacePath, ecosystem, analysisMetadata, reportId, apiKey) {
|
|
127104
|
-
if (!reportId) return;
|
|
127119
|
+
if (!reportId || apiKey.type === "missing") return;
|
|
127105
127120
|
try {
|
|
127106
127121
|
await sendPostRequest(
|
|
127107
127122
|
coanaAPIUrls.CREATE_ANALYSIS_METADATA.replace(":reportId", reportId),
|
|
127108
|
-
apiKey,
|
|
127123
|
+
apiKey.value,
|
|
127109
127124
|
{},
|
|
127110
127125
|
{ subprojectPath, workspacePath, ecosystem, ...analysisMetadata }
|
|
127111
127126
|
);
|
|
@@ -127114,12 +127129,12 @@ async function createAnalysisMetadata(subprojectPath, workspacePath, ecosystem,
|
|
|
127114
127129
|
}
|
|
127115
127130
|
}
|
|
127116
127131
|
async function getBucketsForLastReport(subprojectPath, workspacePath, ecosystem, newReportId, apiKey) {
|
|
127117
|
-
if (!newReportId) return;
|
|
127132
|
+
if (!newReportId || apiKey.type === "missing") return;
|
|
127118
127133
|
try {
|
|
127119
127134
|
return (await axios_default.get(coanaAPIUrls.GET_LATEST_BUCKETS, {
|
|
127120
127135
|
headers: {
|
|
127121
127136
|
"Content-Type": "application/json",
|
|
127122
|
-
apiKey
|
|
127137
|
+
apiKey: apiKey.value
|
|
127123
127138
|
},
|
|
127124
127139
|
params: { newReportId, subprojectPath, workspacePath, ecosystem }
|
|
127125
127140
|
})).data;
|
|
@@ -127136,12 +127151,12 @@ async function getBucketsForLastReport(subprojectPath, workspacePath, ecosystem,
|
|
|
127136
127151
|
}
|
|
127137
127152
|
}
|
|
127138
127153
|
async function getPreviousAnalysisResults(subprojectPath, workspacePath, newReportId, apiKey) {
|
|
127139
|
-
if (!newReportId) return;
|
|
127154
|
+
if (!newReportId || apiKey.type === "missing") return;
|
|
127140
127155
|
try {
|
|
127141
127156
|
return (await axios_default.get(coanaAPIUrls.GET_LATEST_RESULTS, {
|
|
127142
127157
|
headers: {
|
|
127143
127158
|
"Content-Type": "application/json",
|
|
127144
|
-
apiKey
|
|
127159
|
+
apiKey: apiKey.value
|
|
127145
127160
|
},
|
|
127146
127161
|
params: { newReportId, subprojectPath, workspacePath }
|
|
127147
127162
|
})).data;
|
|
@@ -127160,11 +127175,11 @@ async function getPreviousAnalysisResults(subprojectPath, workspacePath, newRepo
|
|
|
127160
127175
|
}
|
|
127161
127176
|
}
|
|
127162
127177
|
async function sendRegressionsToDashboard(regressions, subprojectPath, workspacePath, reportId, apiKey) {
|
|
127163
|
-
if (!reportId) return;
|
|
127178
|
+
if (!reportId || apiKey.type === "missing") return;
|
|
127164
127179
|
try {
|
|
127165
127180
|
await sendPostRequest(
|
|
127166
127181
|
coanaAPIUrls.CREATE_REGRESSIONS.replace(":reportId", reportId),
|
|
127167
|
-
apiKey,
|
|
127182
|
+
apiKey.value,
|
|
127168
127183
|
{ subprojectPath, workspacePath },
|
|
127169
127184
|
regressions
|
|
127170
127185
|
);
|
|
@@ -127183,12 +127198,12 @@ async function sendRegressionsToDashboard(regressions, subprojectPath, workspace
|
|
|
127183
127198
|
}
|
|
127184
127199
|
}
|
|
127185
127200
|
async function getExperimentName(subprojectPath, workspacePath, ecosystem, reportId, apiKey) {
|
|
127186
|
-
if (!reportId) return;
|
|
127201
|
+
if (!reportId || apiKey.type === "missing") return;
|
|
127187
127202
|
try {
|
|
127188
127203
|
return (await axios_default.get(coanaAPIUrls.GET_EXPERIMENT_NAME, {
|
|
127189
127204
|
headers: {
|
|
127190
127205
|
"Content-Type": "application/json",
|
|
127191
|
-
apiKey
|
|
127206
|
+
apiKey: apiKey.value
|
|
127192
127207
|
},
|
|
127193
127208
|
params: { subprojectPath, workspacePath, ecosystem, reportId }
|
|
127194
127209
|
})).data;
|
|
@@ -127203,11 +127218,11 @@ async function getExperimentName(subprojectPath, workspacePath, ecosystem, repor
|
|
|
127203
127218
|
}
|
|
127204
127219
|
}
|
|
127205
127220
|
async function sendCLIProgressToDashboard(cliProgressEvent, isStartEvent, reportId, apiKey) {
|
|
127206
|
-
if (!reportId) return;
|
|
127221
|
+
if (!reportId || apiKey.type === "missing") return;
|
|
127207
127222
|
try {
|
|
127208
127223
|
await sendPostRequest(
|
|
127209
127224
|
coanaAPIUrls.REPORT_CLI_PROGRESS.replace(":reportId", reportId),
|
|
127210
|
-
apiKey,
|
|
127225
|
+
apiKey.value,
|
|
127211
127226
|
{ isStartEvent, time: (/* @__PURE__ */ new Date()).toISOString() },
|
|
127212
127227
|
cliProgressEvent
|
|
127213
127228
|
);
|
|
@@ -127216,18 +127231,24 @@ async function sendCLIProgressToDashboard(cliProgressEvent, isStartEvent, report
|
|
|
127216
127231
|
}
|
|
127217
127232
|
}
|
|
127218
127233
|
async function sendWarningToDashboard(message2, data2, additionalData, reportId, apiKey) {
|
|
127219
|
-
if (!reportId) return;
|
|
127234
|
+
if (!reportId || apiKey.type === "missing") return;
|
|
127220
127235
|
try {
|
|
127221
|
-
await sendPostRequest(
|
|
127236
|
+
await sendPostRequest(
|
|
127237
|
+
coanaAPIUrls.SUBMIT_REPORT_WARNING,
|
|
127238
|
+
apiKey.value,
|
|
127239
|
+
{ reportId },
|
|
127240
|
+
{ message: message2, data: data2, additionalData }
|
|
127241
|
+
);
|
|
127222
127242
|
} catch (error) {
|
|
127223
127243
|
handleError(error, "Error sending warning to dashboard", false);
|
|
127224
127244
|
}
|
|
127225
127245
|
}
|
|
127226
127246
|
async function sendDependencyTreesToDashboard(dependencyTrees, reportId, apiKey) {
|
|
127247
|
+
if (apiKey.type === "missing") return;
|
|
127227
127248
|
try {
|
|
127228
127249
|
await sendPostRequest(
|
|
127229
127250
|
coanaAPIUrls.SEND_DEPENDENCY_TREES.replace(":reportId", reportId),
|
|
127230
|
-
apiKey,
|
|
127251
|
+
apiKey.value,
|
|
127231
127252
|
{},
|
|
127232
127253
|
dependencyTrees
|
|
127233
127254
|
);
|
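Review bot: sendDependencyTreesToDashboard gets only the API-key guard at new line 127247, while submitSubprojects, createAnalysisMetadata and sendWarningToDashboard in the same module also return on a falsy `reportId`. Without that check, `coanaAPIUrls.SEND_DEPENDENCY_TREES.replace(":reportId", reportId)` puts the literal text `undefined` into the request path when no report was created. `if (!reportId || apiKey.type === "missing") return;` would match the helpers above it; sendLogToDashboard at new line 127329 builds its URL the same way and has the same gap. The function body continues outside this hunk.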
|
@@ -127237,6 +127258,7 @@ async function sendDependencyTreesToDashboard(dependencyTrees, reportId, apiKey)
|
|
|
127237
127258
|
}
|
|
127238
127259
|
}
|
|
127239
127260
|
async function sendToDashboard(report, writeReportToFile, reportId, apiKey) {
|
|
127261
|
+
if (apiKey.type === "missing") return;
|
|
127240
127262
|
try {
|
|
127241
127263
|
if (writeReportToFile) {
|
|
127242
127264
|
logger.info("Writing report to dashboard-report.json");
|
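Review bot: The early return added at new line 127261 sits above the `writeReportToFile` branch, so a run without an API key no longer writes `dashboard-report.json` or uploads the artifact even when that option is set. If the local copy is still wanted in keyless mode, move `if (apiKey.type === "missing") return;` to directly before the `sendPostRequest(coanaAPIUrls.SUBMIT_REPORT, ...)` call that the next hunk shows at new line 127271. If skipping the file is intended, a one-line comment on the guard saying so would help, since the function name only mentions the dashboard. sendToDashboard's body continues outside this hunk.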
|
@@ -127246,13 +127268,14 @@ async function sendToDashboard(report, writeReportToFile, reportId, apiKey) {
|
|
|
127246
127268
|
(0, import_artifact.create)().uploadArtifact("dashboard-report", ["dashboard-report.json"], process.cwd());
|
|
127247
127269
|
}
|
|
127248
127270
|
}
|
|
127249
|
-
await sendPostRequest(coanaAPIUrls.SUBMIT_REPORT, apiKey, { reportId }, report);
|
|
127271
|
+
await sendPostRequest(coanaAPIUrls.SUBMIT_REPORT, apiKey.value, { reportId }, report);
|
|
127250
127272
|
logger.info("Report submitted to dashboard successfully");
|
|
127251
127273
|
} catch (error) {
|
|
127252
127274
|
handleError(error, "Error submitting report to dashboard");
|
|
127253
127275
|
}
|
|
127254
127276
|
}
|
|
127255
127277
|
async function sendErrorReportToDashboard(apiKey, stackTrace, shouldLogSharing, reportId, repoUrl, projectName, logContent) {
|
|
127278
|
+
if (apiKey.type === "missing") return;
|
|
127256
127279
|
if (shouldLogSharing) {
|
|
127257
127280
|
console.log("Sending crash report to Coana");
|
|
127258
127281
|
console.log("The report will help team Coana debug the crash");
|
|
@@ -127263,7 +127286,7 @@ async function sendErrorReportToDashboard(apiKey, stackTrace, shouldLogSharing,
|
|
|
127263
127286
|
stackTrace,
|
|
127264
127287
|
logContent
|
|
127265
127288
|
};
|
|
127266
|
-
await sendPostRequest(coanaAPIUrls.SUBMIT_REPORT_ERROR, apiKey, { repoUrl, projectName, reportId }, report);
|
|
127289
|
+
await sendPostRequest(coanaAPIUrls.SUBMIT_REPORT_ERROR, apiKey.value, { repoUrl, projectName, reportId }, report);
|
|
127267
127290
|
if (shouldLogSharing) {
|
|
127268
127291
|
console.log("Crash report submitted to dashboard successfully");
|
|
127269
127292
|
}
|
|
@@ -127299,10 +127322,11 @@ function GET_AXIOS_CLIENT_TESTING_ONLY() {
|
|
|
127299
127322
|
return axiosClient;
|
|
127300
127323
|
}
|
|
127301
127324
|
async function sendLogToDashboard(logContent, reportId, apiKey) {
|
|
127325
|
+
if (apiKey.type === "missing") return;
|
|
127302
127326
|
if (!logContent) return;
|
|
127303
127327
|
logger.info("Sending log to Coana");
|
|
127304
127328
|
try {
|
|
127305
|
-
await sendPostRequest(coanaAPIUrls.SEND_LOG.replace(":reportId", reportId), apiKey, { reportId }, {
|
|
127329
|
+
await sendPostRequest(coanaAPIUrls.SEND_LOG.replace(":reportId", reportId), apiKey.value, { reportId }, {
|
|
127306
127330
|
logContent
|
|
127307
127331
|
});
|
|
127308
127332
|
} catch (error) {
|
|
@@ -127387,10 +127411,15 @@ async function disableRetryOnErrors() {
|
|
|
127387
127411
|
}
|
|
127388
127412
|
async function getVulnerabilities(dependencyTree, apiKey, timeout) {
|
|
127389
127413
|
try {
|
|
127414
|
+
const headers = {
|
|
127415
|
+
"Content-Type": "application/json",
|
|
127416
|
+
...apiKey.type === "present" ? { authorization: `api-key ${apiKey.value}` } : {}
|
|
127417
|
+
};
|
|
127418
|
+
const url2 = apiKey.type === "present" ? ApiUrls.post.fetchVulnerabilities : ApiUrls.post.fetchVulnerabilitiesPublic;
|
|
127390
127419
|
const axiosResponse = await axiosClient2.post(
|
|
127391
|
-
|
|
127420
|
+
url2,
|
|
127392
127421
|
{ dependencyTree: await dependencyTree, version: SECURITY_AUDITOR_VERSION },
|
|
127393
|
-
{ timeout, headers
|
|
127422
|
+
{ timeout, headers }
|
|
127394
127423
|
);
|
|
127395
127424
|
return axiosResponse.data;
|
|
127396
127425
|
} catch (e) {
|
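Review bot: The checks on `apiKey.type === "present"` at new lines 127416 and 127418 send the dependency tree to the `-public` endpoint with no authorization header for any value that is not exactly a `present` object, and that includes a call site that still passes the key as a plain string. The downgrade is silent, so a stale caller would lose authentication without an error. A guard such as `if (apiKey.type !== "present" && apiKey.type !== "missing") throw new TypeError("apiKey must be a tagged object");` or a debug log of the chosen endpoint would make it visible. The header and URL selection is repeated in getVulnerabilityMetadata at new lines 127447–127451 and could be one shared helper. The catch block of getVulnerabilities continues outside this hunk.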
|
@@ -127415,11 +127444,12 @@ async function getFixesFromId(dependencyTree, fixId, timeout) {
|
|
|
127415
127444
|
}
|
|
127416
127445
|
async function getVulnerabilityMetadata(data2, apiKey, timeout) {
|
|
127417
127446
|
try {
|
|
127418
|
-
const
|
|
127419
|
-
|
|
127420
|
-
|
|
127421
|
-
|
|
127422
|
-
|
|
127447
|
+
const url2 = apiKey.type === "present" ? ApiUrls.post.getVulnerabilityMetadata : ApiUrls.post.getVulnerabilityMetadataPublic;
|
|
127448
|
+
const headers = {
|
|
127449
|
+
"Content-Type": "application/json",
|
|
127450
|
+
...apiKey.type === "present" ? { authorization: `api-key ${apiKey.value}` } : {}
|
|
127451
|
+
};
|
|
127452
|
+
const response = await axiosClient2.post(url2, { packages: data2.packages }, { headers, timeout: timeout ?? 2e4 });
|
|
127423
127453
|
return response.data;
|
|
127424
127454
|
} catch (e) {
|
|
127425
127455
|
handleError2(e, "Failed to fetch vulnerability metadata", true);
|
|
@@ -127474,8 +127504,10 @@ var init_security_auditor_api = __esm({
|
|
|
127474
127504
|
ApiUrls = {
|
|
127475
127505
|
post: {
|
|
127476
127506
|
fetchVulnerabilities: `${securityAuditorURL}/security-auditor/audit-dependency-tree`,
|
|
127507
|
+
fetchVulnerabilitiesPublic: `${securityAuditorURL}/security-auditor/audit-dependency-tree-public`,
|
|
127477
127508
|
getFixFromId: `${securityAuditorURL}/security-auditor/get-fix-from-id`,
|
|
127478
|
-
getVulnerabilityMetadata: `${securityAuditorURL}/security-auditor/vulnerability-metadata-with-names
|
|
127509
|
+
getVulnerabilityMetadata: `${securityAuditorURL}/security-auditor/vulnerability-metadata-with-names`,
|
|
127510
|
+
getVulnerabilityMetadataPublic: `${securityAuditorURL}/security-auditor/vulnerability-metadata-with-names-public`
|
|
127479
127511
|
}
|
|
127480
127512
|
};
|
|
127481
127513
|
}
|
|
@@ -127523,7 +127555,9 @@ var require_cli_apply_fix = __commonJS({
|
|
|
127523
127555
|
async function applyFix(path2, fixIds, options) {
|
|
127524
127556
|
logger_singleton_1.logger.initWinstonLogger(options.debug);
|
|
127525
127557
|
logger_singleton_1.logger.silent = options.silent;
|
|
127526
|
-
const otherModulesCommunicator = new other_modules_communicator_1.OtherModulesCommunicator(path2, options
|
|
127558
|
+
const otherModulesCommunicator = new other_modules_communicator_1.OtherModulesCommunicator(path2, options, {
|
|
127559
|
+
type: "missing"
|
|
127560
|
+
});
|
|
127527
127561
|
logger_singleton_1.logger.info(`Applying fixes for ${fixIds.length} fix ${fixIds.length > 1 ? "IDs" : "ID"}`);
|
|
127528
127562
|
const parsedFixIds = fixIds.map((fixId) => {
|
|
127529
127563
|
if (!fixId.startsWith("fix_")) {
|
|
@@ -132269,9 +132303,6 @@ var require_github_pr_tools = __commonJS({
|
|
|
132269
132303
|
if (!token) {
|
|
132270
132304
|
throw new Error("No GitHub token provided. Can't add a comment to the pull request.");
|
|
132271
132305
|
}
|
|
132272
|
-
if (!this.apiKey) {
|
|
132273
|
-
throw new Error("No Coana API key provided. Can't add a comment to the pull request.");
|
|
132274
|
-
}
|
|
132275
132306
|
const pullRequest = githubContext.payload.pull_request;
|
|
132276
132307
|
if (!pullRequest) {
|
|
132277
132308
|
this.context = { enabled: false };
|
|
@@ -132511,7 +132542,8 @@ var require_cli_compare_reports = __commonJS({
|
|
|
132511
132542
|
await compareReportsWithDiff(diff, options, newReport);
|
|
132512
132543
|
}
|
|
132513
132544
|
async function compareReportsWithDiff(diff, options, newReport) {
|
|
132514
|
-
const
|
|
132545
|
+
const apiKey = options.apiKey ? { type: "present", value: options.apiKey } : { type: "missing" };
|
|
132546
|
+
const ghPRTools = new github_pr_tools_1.GitHubPRTools(apiKey, options.prComment);
|
|
132515
132547
|
const ignoredGHSAs = await ghPRTools.getIgnoredGHSAs();
|
|
132516
132548
|
console.log(`Ignoring the following GHSA IDs: ${ignoredGHSAs.join(", ")}`);
|
|
132517
132549
|
const nonIgnoredDiff = diff.filter((vuln) => !ignoredGHSAs.includes((0, ghsa_1.extractGHSAIdFromUrl)(vuln.vulnerabilityUrl) ?? ""));
|
|
@@ -133774,9 +133806,9 @@ var init_project_manager = __esm({
|
|
|
133774
133806
|
"../project-management/src/project-management/project-manager.ts"() {
|
|
133775
133807
|
"use strict";
|
|
133776
133808
|
import_path23 = require("path");
|
|
133809
|
+
init_ecosystem_support();
|
|
133777
133810
|
init_ecosystem_manager();
|
|
133778
133811
|
init_ecosystem_specs();
|
|
133779
|
-
init_ecosystem_support();
|
|
133780
133812
|
ProjectManager = class _ProjectManager {
|
|
133781
133813
|
constructor(ecosystemToEcosystemManager, projectDir, otherModulesCommunicator) {
|
|
133782
133814
|
this.ecosystemToEcosystemManager = ecosystemToEcosystemManager;
|
|
@@ -193782,7 +193814,9 @@ var init_security_auditor = __esm({
|
|
|
193782
193814
|
if (!vuln.range) return;
|
|
193783
193815
|
if (!versionSatisfiesRange(getEcosystem(packageStructure), curPackageVersion, vuln.range)) return;
|
|
193784
193816
|
let vulnObj;
|
|
193785
|
-
const alreadyFound = vulnerabilitiesFound.find(
|
|
193817
|
+
const alreadyFound = vulnerabilitiesFound.find(
|
|
193818
|
+
(v) => v.url === vuln.url && v.dependency === vuln.dependency
|
|
193819
|
+
);
|
|
193786
193820
|
if (!alreadyFound) {
|
|
193787
193821
|
const vulnDetails = await that.coanaSupportedVulnerabilitiesLoader.getCoanaSupportedVulnerability(
|
|
193788
193822
|
getEcosystem(vuln),
|
|
@@ -193957,8 +193991,8 @@ var require_vulnerability_scanning = __commonJS({
|
|
|
193957
193991
|
if (offlineVulnerabilityScannerDBPath) {
|
|
193958
193992
|
return await offlineScan(dependencyTree, offlineVulnerabilityScannerDBPath);
|
|
193959
193993
|
} else {
|
|
193960
|
-
if (!
|
|
193961
|
-
throw new Error("
|
|
193994
|
+
if (!timeout) {
|
|
193995
|
+
throw new Error("A timeout value is required for online vulnerability scanning");
|
|
193962
193996
|
}
|
|
193963
193997
|
return await onlineScan(dependencyTree, apiKey, timeout);
|
|
193964
193998
|
}
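Review bot: The new guard `if (!timeout)` lets a negative timeout through to `onlineScan`, and it reports a non-numeric value as a missing one. The caller in cli-core passes `Number(this.options.timeout)`, so a mistyped `--timeout` arrives as `NaN` and gets the "is required" message. I would use `if (!Number.isFinite(timeout) || timeout <= 0)` with a message that says the timeout must be a positive number of milliseconds. The enclosing function starts outside the hunk.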
|
|
@@ -193994,7 +194028,7 @@ var require_version = __commonJS({
|
|
|
193994
194028
|
"use strict";
|
|
193995
194029
|
Object.defineProperty(exports2, "__esModule", { value: true });
|
|
193996
194030
|
exports2.version = void 0;
|
|
193997
|
-
exports2.version = "14.
|
|
194031
|
+
exports2.version = "14.1.1";
|
|
193998
194032
|
}
|
|
193999
194033
|
});
|
|
194000
194034
|
|
|
@@ -194040,6 +194074,9 @@ var require_cli_core = __commonJS({
|
|
|
194040
194074
|
coanaLogPath = "";
|
|
194041
194075
|
shareWithDashboard;
|
|
194042
194076
|
reportId;
|
|
194077
|
+
apiKey = {
|
|
194078
|
+
type: "missing"
|
|
194079
|
+
};
|
|
194043
194080
|
constructor(rootWorkingDirectory, options) {
|
|
194044
194081
|
this.options = options;
|
|
194045
194082
|
this.analysisMemoryLimitInMb = +this.options.memoryLimit;
|
|
@@ -194053,20 +194090,42 @@ var require_cli_core = __commonJS({
|
|
|
194053
194090
|
this.spinner = spinner_1.Spinner.instance({ text: "Running Coana CLI", isSilent: this.options.silent });
|
|
194054
194091
|
this.shareWithDashboard = !!(this.options.apiKey && !this.options.disableReportSubmission && (this.options.repoUrl ?? this.options.projectName));
|
|
194055
194092
|
}
|
|
194093
|
+
verifyApiKey(key) {
|
|
194094
|
+
const checkIfApiKeyIsEmptyMessage = "You may be trying to provide the API key through an environment variable or CI secret which is either undefined or empty.";
|
|
194095
|
+
if (key === "api-key-unavailable") {
|
|
194096
|
+
throw new Error("API key is is 'api-key-unavailable'. This is likely a default value assigned because you forgot to provide the API key as a secret in your CI environment.");
|
|
194097
|
+
}
|
|
194098
|
+
if (key.length < 15 && key.startsWith("-")) {
|
|
194099
|
+
throw new Error(`The provided API key '${key}' is invalid. ${checkIfApiKeyIsEmptyMessage}`);
|
|
194100
|
+
}
|
|
194101
|
+
if (key.length < 20 || key.length > 21) {
|
|
194102
|
+
throw new Error(`The provided API key is invalid. ${checkIfApiKeyIsEmptyMessage}`);
|
|
194103
|
+
}
|
|
194104
|
+
}
|
|
194056
194105
|
verifyOptions() {
|
|
194057
194106
|
if (this.options.writeReportToFile) {
|
|
194058
194107
|
logger_singleton_1.logger.warn("--write-report-to-file is deprecated. Please use --output json instead");
|
|
194059
194108
|
}
|
|
194060
|
-
if (!this.options.offlineDatabase && !this.options.apiKey) {
|
|
194109
|
+
if (!this.options.offlineDatabase && !this.options.apiKey && !this.options.guardrailMode) {
|
|
194061
194110
|
throw new Error("An API key is required to run the Coana CLI");
|
|
194062
194111
|
}
|
|
194112
|
+
if (this.options.guardrailMode) {
|
|
194113
|
+
this.options.disableReportSubmission = true;
|
|
194114
|
+
}
|
|
194063
194115
|
if (this.options.apiKey) {
|
|
194064
|
-
|
|
194065
|
-
|
|
194066
|
-
|
|
194067
|
-
|
|
194068
|
-
|
|
194069
|
-
|
|
194116
|
+
try {
|
|
194117
|
+
this.verifyApiKey(this.options.apiKey);
|
|
194118
|
+
this.apiKey = {
|
|
194119
|
+
type: "present",
|
|
194120
|
+
value: this.options.apiKey
|
|
194121
|
+
};
|
|
194122
|
+
} catch (e) {
|
|
194123
|
+
if (this.options.guardrailMode) {
|
|
194124
|
+
logger_singleton_1.logger.warn("API key is missing or invalid. Continuing in unauthenticated guardrail mode.");
|
|
194125
|
+
this.apiKey = { type: "missing" };
|
|
194126
|
+
} else {
|
|
194127
|
+
throw e;
|
|
194128
|
+
}
|
|
194070
194129
|
}
|
|
194071
194130
|
}
|
|
194072
194131
|
if (!this.options.repoUrl && !this.options.projectName && !this.options.disableReportSubmission) {
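Review bot: `this.shareWithDashboard` is computed in the constructor from the raw `options.apiKey` and `disableReportSubmission`, but `verifyOptions` only later forces `disableReportSubmission = true` for guardrail mode and may downgrade the key to `{ type: "missing" }`. Assuming `verifyOptions` runs after construction (the call site is not in the hunk), the flag is stale. The `createReport` guard in hunk `@@ -194094` and the `sendDependencyTreesToDashboard` guard in hunk `@@ -194358` still read it, so a guardrail run with a repo URL can contact the dashboard despite submission being disabled. I would reset it where the mode is applied, `this.options.disableReportSubmission = true; this.shareWithDashboard = false;`, and again in the `catch` branch that sets the key to missing. Separately, the `startsWith("-")` branch of `verifyApiKey` interpolates `'${key}'` into the error text; dropping the value keeps whatever was supplied as the key out of logs and error reports.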
|
|
@@ -194094,9 +194153,9 @@ var require_cli_core = __commonJS({
|
|
|
194094
194153
|
}
|
|
194095
194154
|
this.spinner.start();
|
|
194096
194155
|
try {
|
|
194097
|
-
if (this.shareWithDashboard) {
|
|
194156
|
+
if (this.shareWithDashboard && this.apiKey.type === "present") {
|
|
194098
194157
|
const gitData = await getGitDataToMetadataIfAvailable(this.rootWorkingDirectory);
|
|
194099
|
-
this.reportId = await (0, dashboard_integration_1.createReport)(this.options.repoUrl, this.options.projectName, version_12.version, gitData?.sha, gitData?.branchName, (0, lodash_1.omit)(this.options, "apiKey", "print-report", "repoUrl", "projectName", "writeReportToFile"), this.
|
|
194158
|
+
this.reportId = await (0, dashboard_integration_1.createReport)(this.options.repoUrl, this.options.projectName, version_12.version, gitData?.sha, gitData?.branchName, (0, lodash_1.omit)(this.options, "apiKey", "print-report", "repoUrl", "projectName", "writeReportToFile"), this.apiKey, this.options.runEnv);
|
|
194100
194159
|
}
|
|
194101
194160
|
const report = await this.computeReport();
|
|
194102
194161
|
logger_singleton_1.logger.info("Report computed successfully");
|
|
@@ -194123,13 +194182,11 @@ var require_cli_core = __commonJS({
|
|
|
194123
194182
|
return logContent;
|
|
194124
194183
|
}
|
|
194125
194184
|
async shareErrorLogWithDashboard(e, shouldLogSharing) {
|
|
194126
|
-
|
|
194127
|
-
await (0, dashboard_integration_1.sendErrorReportToDashboard)(this.options.apiKey, e.stack ?? e.message ?? "Unknown stack trace", shouldLogSharing, this.reportId, this.options.repoUrl, this.options.projectName, await this.getLogContent());
|
|
194128
|
-
}
|
|
194185
|
+
await (0, dashboard_integration_1.sendErrorReportToDashboard)(this.apiKey, e.stack ?? e.message ?? "Unknown stack trace", shouldLogSharing, this.reportId, this.options.repoUrl, this.options.projectName, await this.getLogContent());
|
|
194129
194186
|
}
|
|
194130
194187
|
async shareLogWithDashboard() {
|
|
194131
|
-
if (this.
|
|
194132
|
-
await (0, dashboard_integration_1.sendLogToDashboard)(await this.getLogContent(), this.reportId, this.
|
|
194188
|
+
if (this.reportId)
|
|
194189
|
+
await (0, dashboard_integration_1.sendLogToDashboard)(await this.getLogContent(), this.reportId, this.apiKey);
|
|
194133
194190
|
}
|
|
194134
194191
|
async outputAndShareReport(report) {
|
|
194135
194192
|
const outputDir = this.options.outputDir;
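Review bot: `shareErrorLogWithDashboard` now calls `sendErrorReportToDashboard` with the stack trace and the full log content, with no local check that `this.apiKey.type === "present"` or that the run is not offline or in guardrail mode. The removed lines suggest a surrounding guard was dropped, though their text is not shown. How the callee treats `{ type: "missing" }` is outside this hunk. If unauthenticated uploads are not intended, add `if (this.apiKey.type !== "present" || this.options.offlineDatabase) return;` as the first statement; otherwise a comment stating that error logs are uploaded without a key would document the decision. The same applies to the now unconditional `sendWarningToDashboard` call in hunk `@@ -194451`, which sends dependency and reachability details.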
|
|
@@ -194139,7 +194196,7 @@ var require_cli_core = __commonJS({
|
|
|
194139
194196
|
(0, fs_1.writeFileSync)(jsonReportPath, JSON.stringify(report, null, 2));
|
|
194140
194197
|
logger_singleton_1.logger.info(kleur_1.default.green(`JSON report written to: ${jsonReportPath}`));
|
|
194141
194198
|
}
|
|
194142
|
-
const shareWithDashboard = this.
|
|
194199
|
+
const shareWithDashboard = this.apiKey.type === "present" && !this.options.disableReportSubmission && (this.options.repoUrl ?? this.options.projectName);
|
|
194143
194200
|
if (!shareWithDashboard) {
|
|
194144
194201
|
if (this.options.offlineDatabase) {
|
|
194145
194202
|
logger_singleton_1.logger.info("Running in offline mode. Skipping report submission to the dashboard");
|
|
@@ -194150,7 +194207,7 @@ var require_cli_core = __commonJS({
|
|
|
194150
194207
|
}
|
|
194151
194208
|
if (shareWithDashboard) {
|
|
194152
194209
|
logger_singleton_1.logger.info("Submitting report to the dashboard");
|
|
194153
|
-
await (0, dashboard_integration_1.sendToDashboard)(report, this.options.writeReportToFile, this.reportId, this.
|
|
194210
|
+
await (0, dashboard_integration_1.sendToDashboard)(report, this.options.writeReportToFile, this.reportId, this.apiKey);
|
|
194154
194211
|
}
|
|
194155
194212
|
if (report.vulnerabilities.some((v) => v.codeAwareScanResult.type === "analysisError")) {
|
|
194156
194213
|
logger_singleton_1.logger.warn("Analysis error detected in the report - sharing log with Coana to help debug the issue");
|
|
@@ -194169,9 +194226,8 @@ var require_cli_core = __commonJS({
|
|
|
194169
194226
|
debug: this.options.debug,
|
|
194170
194227
|
silent: this.options.silent,
|
|
194171
194228
|
coanaLogPath: this.coanaLogPath,
|
|
194172
|
-
reportId: this.reportId
|
|
194173
|
-
|
|
194174
|
-
});
|
|
194229
|
+
reportId: this.reportId
|
|
194230
|
+
}, this.apiKey);
|
|
194175
194231
|
const startTime = (/* @__PURE__ */ new Date()).toISOString();
|
|
194176
194232
|
this.sendProgress("CREATE_PROJECT_MANAGER", true);
|
|
194177
194233
|
const manager = await project_manager_1.ProjectManager.create(this.rootWorkingDirectory, otherModulesCommunicator, this.options.ecosystems, this.options.includeDirs, this.options.excludeDirs, this.options.changedFiles);
|
|
@@ -194180,7 +194236,7 @@ var require_cli_core = __commonJS({
|
|
|
194180
194236
|
(0, dashboard_integration_1.submitSubprojects)([...reachabilitySupport, ...traditionalScaSupport, ...noSupport].map((sp) => ({
|
|
194181
194237
|
...sp,
|
|
194182
194238
|
subprojectPath: (0, path_1.relative)(this.rootWorkingDirectory, sp.subprojectPath) || "."
|
|
194183
|
-
})), this.reportId, this.
|
|
194239
|
+
})), this.reportId, this.apiKey);
|
|
194184
194240
|
for (const unsupported of noSupport)
|
|
194185
194241
|
logger_singleton_1.logger.warn(unsupported.unsupportedMsg);
|
|
194186
194242
|
const includeScaOnlyMsg = `Coana found some projects where it supports traditional SCA, but the reachability analysis is not yet supported. Use --include-projects-with-no-reachability-support to conduct traditional SCA on these projects`;
|
|
@@ -194271,7 +194327,7 @@ var require_cli_core = __commonJS({
|
|
|
194271
194327
|
debug: this.options.debug,
|
|
194272
194328
|
silent: this.options.silent,
|
|
194273
194329
|
coanaLogPath: this.coanaLogPath
|
|
194274
|
-
});
|
|
194330
|
+
}, this.apiKey);
|
|
194275
194331
|
const providerManager = await project_manager_1.ProjectManager.create(providerProject, providerOtherModulesCommunicator, ["MAVEN"]);
|
|
194276
194332
|
const providerSubproject = providerManager.getSubproject("MAVEN", ".");
|
|
194277
194333
|
if (!providerSubproject) {
|
|
@@ -194358,14 +194414,14 @@ var require_cli_core = __commonJS({
|
|
|
194358
194414
|
subprojectPath: (0, path_1.relative)(rootWorkingDirectory, subprojectPath) || "."
|
|
194359
194415
|
}));
|
|
194360
194416
|
if (this.shareWithDashboard)
|
|
194361
|
-
(0, dashboard_integration_1.sendDependencyTreesToDashboard)(dependencyTrees, this.reportId, this.
|
|
194417
|
+
(0, dashboard_integration_1.sendDependencyTreesToDashboard)(dependencyTrees, this.reportId, this.apiKey);
|
|
194362
194418
|
const workspaceToVulnerabilities = Object.fromEntries(await (0, async_1.asyncMap)(workspacePaths, async (workspacePath) => this.spinner.wrap(`Scanning for vulnerabilities: (${subProjAndWsPath.packageManagerName}) ${(0, path_1.join)(subProjAndWsPath.subprojectPath, workspacePath)}`, async () => {
|
|
194363
194419
|
const dependencyTree = projectInfo[workspacePath].dataForAnalysis.dependencyTree;
|
|
194364
194420
|
this.sendProgress("SCAN_FOR_VULNERABILITIES", true, subprojectPath, workspacePath);
|
|
194365
194421
|
try {
|
|
194366
194422
|
return [
|
|
194367
194423
|
workspacePath,
|
|
194368
|
-
(await (0, vulnerability_scanning_1.scanForVulnerabilities)(dependencyTree, this.options.offlineDatabase, this.
|
|
194424
|
+
(await (0, vulnerability_scanning_1.scanForVulnerabilities)(dependencyTree, this.options.offlineDatabase, this.apiKey, Number(this.options.timeout))).vulnerabilities
|
|
194369
194425
|
];
|
|
194370
194426
|
} catch (e) {
|
|
194371
194427
|
logger_singleton_1.logger.error(`Scanning for vulnerabilities failed for subproject ${subprojectPath} in workspace ${workspacePath}`);
|
|
@@ -194436,7 +194492,7 @@ var require_cli_core = __commonJS({
|
|
|
194436
194492
|
type,
|
|
194437
194493
|
...subprojectPath ? { subprojectPath: (0, path_1.relative)(this.rootWorkingDirectory, subprojectPath) || "." } : {},
|
|
194438
194494
|
...workspacePath ? { workspacePath } : {}
|
|
194439
|
-
}, isStartEvent, this.reportId, this.
|
|
194495
|
+
}, isStartEvent, this.reportId, this.apiKey);
|
|
194440
194496
|
}
|
|
194441
194497
|
/**
|
|
194442
194498
|
* Augment the results field of the `vulns` with metadata.
|
|
@@ -194451,9 +194507,7 @@ var require_cli_core = __commonJS({
|
|
|
194451
194507
|
let dependencyType = getDependencyType(v.vulnChainDetails, v.results, directDependencies, reachability);
|
|
194452
194508
|
if (!dependencyType || dependencyType === "unknown") {
|
|
194453
194509
|
dependencyType = "prod&dev";
|
|
194454
|
-
|
|
194455
|
-
(0, dashboard_integration_1.sendWarningToDashboard)("Unable to determine dependency type", { subprojectPath, workspacePath }, { vulnChainDetails: v.vulnChainDetails, results: v.results, directDependencies, reachability }, this.reportId, this.options.apiKey);
|
|
194456
|
-
}
|
|
194510
|
+
(0, dashboard_integration_1.sendWarningToDashboard)("Unable to determine dependency type", { subprojectPath, workspacePath }, { vulnChainDetails: v.vulnChainDetails, results: v.results, directDependencies, reachability }, this.reportId, this.apiKey);
|
|
194457
194511
|
}
|
|
194458
194512
|
return {
|
|
194459
194513
|
vulnerabilityUrl: v.url,
|
|
@@ -194532,7 +194586,7 @@ var cli_core_1 = require_cli_core();
|
|
|
194532
194586
|
var version_1 = require_version();
|
|
194533
194587
|
var program = new commander_1.Command();
|
|
194534
194588
|
var run = new commander_1.Command();
|
|
194535
|
-
run.name("run").argument("<path>", "File system path to folder containing the project").option("-o, --output-dir <path>", "Write json report to <path>/coana-report.json").option("-d, --debug", "Enable debug logging", false).option("-s, --silent", "Silence all debug/warning output", false).option("-p, --print-report", "Print the report to the console", false).option("--offline-database <path>", "Path to a coana-offline-db.json file for running the CLI without internet connectivity", void 0).option("-t, --timeout <timeout>", "Set API <timeout> in milliseconds to Coana backend.", "300000").option("-a, --analysis-timeout <timeout>", "Set <timeout> in seconds for each reachability analysis run").option("--memory-limit <memoryInMB>", "Set memory limit for analysis to <memoryInMB> megabytes of memory.", "8192").option("-c, --concurrency <concurrency>", "Set the maximum number of concurrent reachability analysis runs. It's recommended to choose a concurrency level that ensures that each analysis run has at least the --memory-limit amount of memory available.", "1").option("--api-key <key>", "Set the Coana dashboard API key. By setting you also enable the dashboard integration.").addOption(new commander_1.Option("--write-report-to-file", "Write the report dashboard-compatible report to dashboard-report.json. This report may help the Coana team debug issues with the report insertion mechanism.").default(false).hideHelp()).option("--project-name <repoName>", "Set the name of the repository. Used for dashboard integration.").option("--repo-url <repoUrl>", "Set the URL of the repository. Used for dashboard integration.").option("--include-dirs <dirs...>", "globs for directories to include from the detection of subprojects (space-separated). Notice, projects that are not included may still be scanned if they are referenced from included projects.").option("--exclude-dirs <dirs...>", "globs for directories to exclude from the detection of subprojects (space-separated). 
Notice, excluded projects may still be scanned if they are referenced from non-excluded projects.").option("--disable-analysis-splitting", "Limits Coana to at most 1 reachability analysis run per workspace").option("--print-analysis-log-file", "Store log output from the JavaScript/TypeScript reachability analysis in the file js-analysis.log file in the root of each workspace", false).option("--entry-points <entryPoints...>", "List of files to analyze for root workspace. The reachability analysis automatically analyzes all files used by the entry points. If not provided, all JavaScript and TypeScript files are considered entry points. For non-root workspaces, all JavaScript and TypeScript files are analyzed as well.").option("--include-projects-with-no-reachability-support", "Also runs Coana on projects where we support traditional SCA, but does not yet support reachability analysis.", false).option("--ecosystems <ecosystems...>", "List of ecosystems to analyze. Currently NPM, PIP, MAVEN and GO are supported. Default is all supported ecosystems.", (ecosystems) => ecosystems.split(" ").map((e) => e.toUpperCase())).option("--changed-files <files...>", "List of files that have changed. If provided, Coana only analyzes workspaces and modules that contain changed files.").option("--disable-report-submission", "Disable the submission of the report to the Coana dashboard. Used by the pipeline blocking feature.", false).option("--provider-project <path>", "File system path to folder containing the provider project (Only supported for Maven, Gradle, and SBT)").option("--provider-workspaces <dirs...>", "List of workspaces that build the provided runtime environment (Only supported for Maven, Gradle, and SBT)", (paths) => paths.split(" ")).option("--lightweight-reachability", "Runs Coana in lightweight mode. This increases analysis speed but also raises the risk of Coana misclassifying the reachability of certain complex vulnerabilities. 
Recommended only for use with Coana Guardrails mode.", false).addOption(new commander_1.Option("--run-without-docker", "Run package managers and reachability analyzers without using docker").default(process.env.RUN_WITHOUT_DOCKER === "true").hideHelp()).addOption(new commander_1.Option("--run-env <env>", "Specifies the environment in which the CLI is run. So far only MANAGED_SCAN and UNKNOWN are supported.").default("UNKNOWN").choices(["UNKNOWN", "MANAGED_SCAN"]).hideHelp()).version(version_1.version).configureHelp({ sortOptions: true }).action(async (path2, options) => {
|
|
194589
|
+
run.name("run").argument("<path>", "File system path to folder containing the project").option("-o, --output-dir <path>", "Write json report to <path>/coana-report.json").option("-d, --debug", "Enable debug logging", false).option("-s, --silent", "Silence all debug/warning output", false).option("-p, --print-report", "Print the report to the console", false).option("--offline-database <path>", "Path to a coana-offline-db.json file for running the CLI without internet connectivity", void 0).option("-t, --timeout <timeout>", "Set API <timeout> in milliseconds to Coana backend.", "300000").option("-a, --analysis-timeout <timeout>", "Set <timeout> in seconds for each reachability analysis run").option("--memory-limit <memoryInMB>", "Set memory limit for analysis to <memoryInMB> megabytes of memory.", "8192").option("-c, --concurrency <concurrency>", "Set the maximum number of concurrent reachability analysis runs. It's recommended to choose a concurrency level that ensures that each analysis run has at least the --memory-limit amount of memory available.", "1").option("--api-key <key>", "Set the Coana dashboard API key. By setting you also enable the dashboard integration.").addOption(new commander_1.Option("--write-report-to-file", "Write the report dashboard-compatible report to dashboard-report.json. This report may help the Coana team debug issues with the report insertion mechanism.").default(false).hideHelp()).option("--project-name <repoName>", "Set the name of the repository. Used for dashboard integration.").option("--repo-url <repoUrl>", "Set the URL of the repository. Used for dashboard integration.").option("--include-dirs <dirs...>", "globs for directories to include from the detection of subprojects (space-separated). Notice, projects that are not included may still be scanned if they are referenced from included projects.").option("--exclude-dirs <dirs...>", "globs for directories to exclude from the detection of subprojects (space-separated). 
Notice, excluded projects may still be scanned if they are referenced from non-excluded projects.").option("--disable-analysis-splitting", "Limits Coana to at most 1 reachability analysis run per workspace").option("--print-analysis-log-file", "Store log output from the JavaScript/TypeScript reachability analysis in the file js-analysis.log file in the root of each workspace", false).option("--entry-points <entryPoints...>", "List of files to analyze for root workspace. The reachability analysis automatically analyzes all files used by the entry points. If not provided, all JavaScript and TypeScript files are considered entry points. For non-root workspaces, all JavaScript and TypeScript files are analyzed as well.").option("--include-projects-with-no-reachability-support", "Also runs Coana on projects where we support traditional SCA, but does not yet support reachability analysis.", false).option("--ecosystems <ecosystems...>", "List of ecosystems to analyze. Currently NPM, PIP, MAVEN and GO are supported. Default is all supported ecosystems.", (ecosystems) => ecosystems.split(" ").map((e) => e.toUpperCase())).option("--changed-files <files...>", "List of files that have changed. If provided, Coana only analyzes workspaces and modules that contain changed files.").option("--disable-report-submission", "Disable the submission of the report to the Coana dashboard. Used by the pipeline blocking feature.", false).option("--provider-project <path>", "File system path to folder containing the provider project (Only supported for Maven, Gradle, and SBT)").option("--provider-workspaces <dirs...>", "List of workspaces that build the provided runtime environment (Only supported for Maven, Gradle, and SBT)", (paths) => paths.split(" ")).option("--lightweight-reachability", "Runs Coana in lightweight mode. This increases analysis speed but also raises the risk of Coana misclassifying the reachability of certain complex vulnerabilities. 
Recommended only for use with Coana Guardrails mode.", false).addOption(new commander_1.Option("--run-without-docker", "Run package managers and reachability analyzers without using docker").default(process.env.RUN_WITHOUT_DOCKER === "true").hideHelp()).addOption(new commander_1.Option("--run-env <env>", "Specifies the environment in which the CLI is run. So far only MANAGED_SCAN and UNKNOWN are supported.").default("UNKNOWN").choices(["UNKNOWN", "MANAGED_SCAN"]).hideHelp()).addOption(new commander_1.Option("--guardrail-mode", "Run Coana in guardrail mode. This mode is used to prevent new reachable vulnerabilities from being introduced into the codebase. Usually run as a CI check when pushing new commits to a pull request.").default(false)).version(version_1.version).configureHelp({ sortOptions: true }).action(async (path2, options) => {
|
|
194536
194590
|
process.env.DOCKER_IMAGE_TAG ??= version_1.version;
|
|
194537
194591
|
await new cli_core_1.CliCore(path2, options).main();
|
|
194538
194592
|
});
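Review bot: The help text for the new `--guardrail-mode` option leaves out the two behaviours that matter to whoever configures the CI job. Per `verifyOptions` in this diff, the mode forces report submission off, and it lets the scan continue unauthenticated when the API key is missing or fails validation. I would append a sentence such as `Report submission is disabled in this mode, and the scan continues unauthenticated if no valid API key is provided.` so that a misconfigured secret is not mistaken for an authenticated run. The option is also the only visible boolean flag declared through `addOption(new Option(...).default(false))` rather than `.option(..., false)`; the plain form would match the neighbouring flags.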
|